Java Runtime Environment 7 update 99 (32-bit) Available (x64) - CORRUPT PATCH
0 Votes |
Description
The listed computers have faulty installations of the latest Java Runtime Environment. BigFix recommends reinstalling this update to ensure the safety of affected computers. For more information about corrupt patches, see BigFix KB #166. Oracle has released a new version of the Java SE Runtime Environment (JRE). Use the action below to update Java to version 7 update 99. Note: Affected computers may report back as 'Pending Restart' once the patch has run successfully, but will not report back their final status until the computer has been restarted. Important Note: Follow the link for the 'Java SE Runtime Environment (JRE) 7 update 99' download on this page. For more information about manually caching file downloads on the BES Server, please see the following BigFix Support Knowledge Base article. Important Note: For Windows Vista, Windows 7, Windows Server 2008, and Windows Server 2008 R2 users, the installation may fail if the User Account Control (UAC) is enabled. Important Note: To avoid any service interruption on the client computer, use the default action only when client computers do not have any running instances of Java, Internet Explorer, or Firefox. The default action does not close any running instances these applications on the client machines. If any of these applications are running on the client computers, the default action might fail. Schedule the update to occur at a time when the client machine is not using these applications. Important Note: Choosing the "Upgrade to the latest JRE regardless of whether or not Internet Explorer, Firefox, or Java is currently running action" will close any running instance of Internet Explorer, Firefox, or Java on the client machines. Please schedule the update to occur at a time when a service interruption is acceptable. |
CVE:
CVE-2016-0636Property Details
10609 | |
Production - Fully Tested and Ready for Production | |
Java Runtime Environment 7 update 99 (32-bit) Available (x64) - CORRUPT PATCH | |
BESC | |
Critical Updates | |
29905984 | |
Oracle | |
22961080 | |
Critical | |
3/23/2016 12:00:00 AM | |
CVE-2016-0636 | |
Unspecified | |
Java, JRE, Java Update, 7u99, 7 upodate 99 | |
BrianCanFixIT on 3/30/2016 9:48:15 AM | |
BrianCanFixIT on 3/30/2016 9:48:15 AM | |
3645 Views / 3 Downloads | |
* Average over 0 ratings. ** Log In or Register to add your rating. |
Relevance
Used in 365 fixlets | * Results in a true/false |
Used in 103 fixlets | * Results in a true/false |
Used in 73 fixlets | * Results in a true/false |
Used in 14 fixlets | * Results in a true/false |
Used in 1 fixlet | * Results in a true/false |
Actions
Action 1
begin prefetch block
add prefetch item name = jre-7u99-windows-i586.exe sha1=87e1c38767c2a2f309817debdf0c5539b9c0df5d size=29905984 url={value of setting "_BESClient_AllowCustomRepoDownloads" of client | "http://download.oracle.com/MANUAL_BES_CACHING_REQUIRED/"}jre-7u99-windows-i586.exe sha256=877e5a35340c7fc9e99e86401070fbd2b128c0c9a4fc2683c5bca3193c709ea3
end prefetch block
continue if {not exists running application whose ((it = "java.exe" OR it = "javaw.exe" OR it = "javaws.exe" OR it = "iexplore.exe" OR it = "firefox.exe") of (name of it as lowercase))}
// Note: update .exe will restart service automatically
if{exists running service "JavaQuickStarterService"}
delete __appendfile
delete stop_javaquickstarter.bat
appendfile net stop JavaQuickStarterService
move __appendfile stop_javaquickstarter.bat
waithidden stop_javaquickstarter.bat
endif
regset "[HKEY_LOCAL_MACHINE\SOFTWARE\BigFix\EnterpriseClient\JavaInstallation]" "InstallingJava7_32"=dword:00000001
//if it is win2k/2k3/xp system, just invoke the .exe installer
if {(name of it contains "Win2000" or name of it contains "WinXP" or name of it contains "Win2003") of operating system}
waithidden __Download\jre-7u99-windows-i586.exe /s
else
// Remove any existing directory junction point
dos %windir%\syswow64\cmd.exe /C fsutil reparsepoint delete "%windir%\syswow64\config\systemprofile\appdata\locallow\sun\java"
// delete java directory in 32bit version of system32, if any
dos rmdir /q /s "%windir%\syswow64\config\systemprofile\appdata\locallow\sun\java"
//create a java folder under system32 folder if not exists
if {not exist folder (system folder as string &"\config\systemprofile\appdata\locallow\sun\java")}
action uses wow64 redirection false
dos mkdir "%windir%\system32\config\systemprofile\appdata\locallow\sun\java"
endif
// create ntfs junction point from 32bit version of system32 java files to sysnative version
// (NOTE: mklink argument seems to be in native path perspective, so system32 is correct here, not sysnative)
action uses wow64 redirection false
dos mklink /J "%windir%\syswow64\config\systemprofile\appdata\locallow\sun\java" "%windir%\system32\config\systemprofile\appdata\locallow\sun\java"
// Finally, try to install java...
action uses wow64 redirection false
dos %windir%\syswow64\cmd.exe /C __Download\jre-7u99-windows-i586.exe /s
endif
action may require restart "87e1c38767c2a2f309817debdf0c5539b9c0df5d"
continue if {((exists value "DisplayVersion" whose ((it >= "7.0.990") of (it as string as version)) of keys whose (value "DisplayName" of it as string as lowercase contains "j2se runtime environment" OR value "DisplayName" of it as string as lowercase contains "runtimeenvironment" OR value "DisplayName" of it as string as lowercase starts with "java(tm)" OR value "DisplayName" of it as string as lowercase starts with "java 7") of it) AND (exists key whose (((it contains "java" OR it contains "j2se") AND (it contains "runtime environment" OR it contains "update")) of (value "DisplayName" of it as string as lowercase)) of it)) of key "HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall" of x32 registry}
regdelete "[HKEY_LOCAL_MACHINE\SOFTWARE\BigFix\EnterpriseClient\JavaInstallation]" "InstallingJava7_32"
This action will be considered successful when the applicability relevance evaluates to false.
Action 2
begin prefetch block
add prefetch item name = jre-7u99-windows-i586.exe sha1=87e1c38767c2a2f309817debdf0c5539b9c0df5d size=29905984 url={value of setting "_BESClient_AllowCustomRepoDownloads" of client | "http://download.oracle.com/MANUAL_BES_CACHING_REQUIRED/"}jre-7u99-windows-i586.exe sha256=877e5a35340c7fc9e99e86401070fbd2b128c0c9a4fc2683c5bca3193c709ea3
end prefetch block
// Note: update .exe will restart service automatically
if{exists running service "JavaQuickStarterService"}
delete __appendfile
delete stop_javaquickstarter.bat
appendfile net stop JavaQuickStarterService
move __appendfile stop_javaquickstarter.bat
waithidden stop_javaquickstarter.bat
endif
waithidden {if (name of operating system = "WinXP" AND personal bit (suite mask of operating system)) then "tskill java /a" else "taskkill /F /IM java.exe"}
waithidden {if (name of operating system = "WinXP" AND personal bit (suite mask of operating system)) then "tskill javaw /a" else "taskkill /F /IM javaw.exe"}
waithidden {if (name of operating system = "WinXP" AND personal bit (suite mask of operating system)) then "tskill javaws /a" else "taskkill /F /IM javaws.exe"}
waithidden {if (name of operating system = "WinXP" AND personal bit (suite mask of operating system)) then "tskill iexplore /a" else "taskkill /F /IM iexplore.exe"}
waithidden {if (name of operating system = "WinXP" AND personal bit (suite mask of operating system)) then "tskill firefox /a" else "taskkill /F /IM firefox.exe"}
regset "[HKEY_LOCAL_MACHINE\SOFTWARE\BigFix\EnterpriseClient\JavaInstallation]" "InstallingJava7_32"=dword:00000001
//if it is win2k/2k3/xp system, just invoke the .exe installer
if {(name of it contains "Win2000" or name of it contains "WinXP" or name of it contains "Win2003") of operating system}
waithidden __Download\jre-7u99-windows-i586.exe /s
else
// Remove any existing directory junction point
dos %windir%\syswow64\cmd.exe /C fsutil reparsepoint delete "%windir%\syswow64\config\systemprofile\appdata\locallow\sun\java"
// delete java directory in 32bit version of system32, if any
dos rmdir /q /s "%windir%\syswow64\config\systemprofile\appdata\locallow\sun\java"
//create a java folder under system32 folder if not exists
if {not exist folder (system folder as string &"\config\systemprofile\appdata\locallow\sun\java")}
action uses wow64 redirection false
dos mkdir "%windir%\system32\config\systemprofile\appdata\locallow\sun\java"
endif
// create ntfs junction point from 32bit version of system32 java files to sysnative version
// (NOTE: mklink argument seems to be in native path perspective, so system32 is correct here, not sysnative)
action uses wow64 redirection false
dos mklink /J "%windir%\syswow64\config\systemprofile\appdata\locallow\sun\java" "%windir%\system32\config\systemprofile\appdata\locallow\sun\java"
// Finally, try to install java...
action uses wow64 redirection false
dos %windir%\syswow64\cmd.exe /C __Download\jre-7u99-windows-i586.exe /s
endif
action may require restart "87e1c38767c2a2f309817debdf0c5539b9c0df5d"
continue if {((exists value "DisplayVersion" whose ((it >= "7.0.990") of (it as string as version)) of keys whose (value "DisplayName" of it as string as lowercase contains "j2se runtime environment" OR value "DisplayName" of it as string as lowercase contains "runtimeenvironment" OR value "DisplayName" of it as string as lowercase starts with "java(tm)" OR value "DisplayName" of it as string as lowercase starts with "java 7") of it) AND (exists key whose (((it contains "java" OR it contains "j2se") AND (it contains "runtime environment" OR it contains "update")) of (value "DisplayName" of it as string as lowercase)) of it)) of key "HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall" of x32 registry}
regdelete "[HKEY_LOCAL_MACHINE\SOFTWARE\BigFix\EnterpriseClient\JavaInstallation]" "InstallingJava7_32"
This action will be considered successful when the applicability relevance evaluates to false.
Action 3
http://www.oracle.com/technetwork/java/javase/jdk7-relnotes-429209.html
Action 4
http://java.sun.com/javase/technologies/security/index.jsp#overview
Action 5
http://www.sans.org/top20/#c1
Sharing
Social Media: |